Securing Windows Server 2003
暫譯: 保護 Windows Server 2003
Mike Danseglio
- 出版商: O'Reilly
- 出版日期: 2004-11-01
- 售價: $1,580
- 貴賓價: 9.5 折 $1,501
- 語言: 英文
- 頁數: 450
- 裝訂: Paperback
- ISBN: 0596006853
- ISBN-13: 9780596006853
-
相關分類:
Windows Server
已過版
買這商品的人也買了...
-
XILINX FPGA 數位邏輯設計$540$486 -
C++ Primer, 3/e 中文版$980$774 -
UML 與樣式徹底研究 (Applying UML and Patterns: An Introduction to Object-Oriented Analysis and Design and the Unified Process, 2/e)$780$624 -
C++ Builder 6 完全攻略$690$587 -
ASP.NET 程式設計徹底研究$590$466 -
C# Primer Plus 中文版 (C# Primer Plus)$680$537 -
人月神話:軟體專案管理之道 (20 週年紀念版)(The Mythical Man-Month: Essays on Software Engineering, Anniversary Edition, 2/e)$480$379 -
$1,176Computer Organization and Design: The Hardware/Software Interface, 3/e(IE) (美國版ISBN:1558606041) -
視窗程式設計函式庫:Win 32 API(上)─打開視窗的秘密$680$578 -
視窗程式設計函式庫:Win 32 API(下)─視窗介面實務完全掌握$680$578 -
與熊共舞:軟體專案管理的風險管理 (Waltzing With Bears: Managing Risk on Software Projects)$380$300 -
PHP 網頁模組隨學隨用
$480$408 -
ASP.NET 徹底研究進階技巧─高階技巧與控制項實作$650$507 -
計算機組織與設計 (Computer Organization and Design: The Hardware/Software Interface, 3/e)$680$646 -
XML 網頁製作徹底研究, 3/e$650$553 -
C++ Primer Plus, 5/e 中文精華版$540$427 -
ASP.NET 2.0 深度剖析範例集$650$507 -
SQL 語法範例辭典$550$468 -
$529The Elements of Style, 4/e (IE-Paperback) -
$523Writing Academic English, 4/e -
Microsoft Office SharePoint Server 2007 實戰手冊$450$356 -
$1,068Cryptography and Network Security, 4/e (IE) (美國版ISBN:0131873164) (平裝) -
Advanced Engineering Mathematics, 9/e(Abridged International Student Edition)$1,100$1,078 -
Windows Vista 非常 Easy$299$254 -
ASP.NET 2.0 介面設計與資料存取 (Professional ASP.NET 2.0)$650$514
商品描述
Description:
With the success of computer viruses like Slammer, security issues are now a top priority for Windows system administrators, right alongside day-to-day tasks such as setting up accounts and managing performance. If you use Windows 2003 Server at a small to medium-sized organization, or use Microsoft's Small Business Server, this thorough yet concise tutorial offers the hands-on advice you need for securing your network.
Modern network operating systems include bundled services that range from traditional file and print sharing and Internet services to authentication, directory and remote access services each a potential security vulnerability as well as a capability. Securing Windows Server 2003 shows you how to put Windows security tools to work, and how to run the server's subsystems to protect users and resources. But that's just the beginning.
Network security needs to be well thought-out, not treated as a fire drill when a threat occurs. This book focuses primarily on ways to plan and implement a secure operating environment. Microsoft security veteran Mike Danseglio uses real-world examples to show you how various security concepts relate to your own system, including:
- File System Security
- Group Policy and security templates
- Running secure code
- Authentication
- IP security
- Public Key Certificates and Public Key Infrastructure
- Smart Card technology
- DHCP and DNS security
- Internet Information Services security
- Active Directory security
- Remote access security
- Security audits
- Sending secure email, and more
Many chapters include a debate, in which fictional protagonists discuss the pros and cons of a particular strategy or solution. These debates provide an objective look at competing methodologies, so you can select the solutions that best fit your network. Read this book cover to cover to create and implement a security plan, or use individual chapters as stand-alone lessons. Either way, Securing Windows Server 2003 will guide you safely through the morass of security threats.
Table of Contents:
Preface
1. Introduction to Windows Server 2003 Security
What Is Security?
What Is Windows Server 2003?
Security Design in Windows Server 2003
Security Features in the Windows Server 2003 Family
2. Basics of Computer Security
Why Computer Security Is Important
Security Enforcement Mechanisms
POLA: The Principle of Least Access
Key-Based Cryptography
Authorization and Authentication
Password Basics
Network Security
Keeping Your Eyes Open
3. Physical Security
Identifying Physical Security Vulnerabilities
Protecting Physical Assets
Holistic Security: Best Practices
4. File System Security
Protecting Files with NTFS File Permissions
Protecting Data with the Encrypting File System
Protecting System Information with Syskey
5. Group Policy and Security Templates
What Is Group Policy?
How Group Policy Works
How Do Security Templates Work?
Using Group Policy to Enforce Security
Using Security Templates to Deploy Secure Configurations
6. Running Secure Code
Identifying Secure Code
Driver Signing
Software Restriction Policies
7. Authentication
LAN Manager and NTLM
Kerberos
8. IP Security
What Is IP Security?
How Does IPSec Work?
Microsoft's Implementation of IPSec in Windows Server 2003
Using IPSec Correctly
9. Certificates and Public Key Infrastructure
What Are Certificates?
What Do I Do with Certificates?
What Is a Certification Authority?
Deciding Between Public and Private Certification Authorities
Implementing a Public PKI
Planning Your Private Certification Hierarchy
Implementing a Private Certification Hierarchy
Maintaining Your Hierarchy
10. Smart Card Technology
What Are Smart Cards?
Using Smart Cards
11. DHCP and DNS Security
DHCP
DNS
DNS and DHCP Together
12. Internet Information Services Security
What Is IIS?
How Does IIS Work?
Using IIS Securely
13. Active Directory Security
What Is Active Directory?
Structural Components of Active Directory
Domain Controllers
Default Security Through GPOs
Providing Security for Domains
Providing Security for Forests
Providing Security for Active Directory Objects
Providing Security for Domain Controllers
14. Remote Access Security
What Is Remote Access?
Controlling Access
Authentication and Encryption Protocols
Virtual Private Networks
Example Implementations for Remote Access
15. Auditing and Ongoing Security
Security Policies and Procedures
Auditing
Operating System Updates
Appendix: Sending Secure Email
Index
商品描述(中文翻譯)
**描述:**
隨著像 Slammer 這樣的電腦病毒的成功,安全問題現在已成為 Windows 系統管理員的首要任務,與日常任務如設置帳戶和管理性能並列。如果您在小型或中型組織中使用 Windows 2003 Server,或使用 Microsoft 的 Small Business Server,這本徹底而簡明的教程提供了您所需的實用建議,以保護您的網絡。
現代網絡操作系統包括一系列捆綁服務,從傳統的文件和打印共享及互聯網服務到身份驗證、目錄和遠程訪問服務,每一項都可能成為安全漏洞,也是一種能力。《Securing Windows Server 2003》將向您展示如何使用 Windows 安全工具,以及如何運行伺服器的子系統來保護用戶和資源。但這僅僅是開始。
網絡安全需要經過深思熟慮,而不是在威脅發生時才進行火災演習。本書主要集中於如何規劃和實施安全的操作環境。微軟安全專家 Mike Danseglio 使用現實世界的例子向您展示各種安全概念如何與您的系統相關,包括:
- 文件系統安全
- 群組政策和安全模板
- 運行安全代碼
- 身份驗證
- IP 安全
- 公鑰證書和公鑰基礎設施
- 智能卡技術
- DHCP 和 DNS 安全
- 互聯網資訊服務安全
- Active Directory 安全
- 遠程訪問安全
- 安全審計
- 發送安全電子郵件,等等
許多章節包括辯論,虛構的主角討論特定策略或解決方案的利弊。這些辯論提供了對競爭方法的客觀看法,讓您可以選擇最適合您網絡的解決方案。從頭到尾閱讀本書,以創建和實施安全計劃,或將各章作為獨立的課程使用。無論哪種方式,《Securing Windows Server 2003》都將安全地引導您穿越安全威脅的泥沼。
**目錄:**
前言
1. Windows Server 2003 安全概述
- 什麼是安全?
- 什麼是 Windows Server 2003?
- Windows Server 2003 的安全設計
- Windows Server 2003 家族中的安全功能
2. 電腦安全基礎
- 為什麼電腦安全很重要
- 安全執行機制
- POLA:最小訪問原則
- 基於密鑰的加密
- 授權和身份驗證
- 密碼基礎
- 網絡安全
- 保持警覺
3. 物理安全
- 識別物理安全漏洞
- 保護物理資產
- 整體安全:最佳實踐
4. 文件系統安全
- 使用 NTFS 文件權限保護文件
- 使用加密文件系統保護數據
- 使用 Syskey 保護系統信息
5. 群組政策和安全模板
- 什麼是群組政策?
- 群組政策如何運作
- 安全模板如何運作?
- 使用群組政策強制執行安全
- 使用安全模板部署安全配置
6. 運行安全代碼
- 識別安全代碼
- 驅動程序簽名
- 軟件限制政策
7. 身份驗證
- LAN Manager 和 NTLM
- Kerberos
8. IP 安全
- 什麼是 IP 安全?
- IPSec 如何運作?
- 微軟在 Windows Server 2003 中的 IPSec 實現
- 正確使用 IPSec
9. 證書和公鑰基礎設施
- 什麼是證書?
- 我該如何使用證書?
- 什麼是認證機構?
- 在公有和私有認證機構之間做出選擇
- 實施公有 PKI
- 計劃您的私有認證層級
- 實施私有認證層級
- 維護您的層級
10. 智能卡技術
- 什麼是智能卡?
- 使用智能卡
11. DHCP 和 DNS 安全
- DHCP
- DNS
- DNS 和 DHCP 一起使用
12. 互聯網資訊服務安全
- 什麼是 IIS?
- IIS 如何運作?
- 安全使用 IIS
13. Active Directory 安全
- 什麼是 Active Directory?
- Active Directory 的結構組件
- 域控制器
- 通過 GPO 提供的默認安全
- 為域提供安全
- 為森林提供安全
- 為 Active Directory 對象提供安全
- 為域控制器提供安全
14. 遠程訪問安全
- 什麼是遠程訪問?
- 控制訪問
- 身份驗證和加密協議
- 虛擬私人網絡
- 遠程訪問的示例實現
15. 審計和持續安全
- 安全政策和程序
- 審計
- 操作系統更新
附錄:發送安全電子郵件
索引
